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DETAILED ACTION 

The Applicant uses "means for" thought the claim language. The Examiner 
considers 1 12 6 th paragraph to be invoked. 

Information Disclosure Statement 

The information disclosure statement filed 3/29/2004 fails to comply with 37 CFR 
1 .98(a)(3) because it does not include a concise explanation of the relevance, as it is 
presently understood by the individual designated in 37 CFR 1 .56(c) most 
knowledgeable about the content of the information, of each patent listed that is not in 
the English language. It has been placed in the application file, but the information 
referred to therein has not been considered. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claims 7-12, 19-24 are rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite forfaiting to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. The Examiner cannot determine from the 
specification structure to correlate with the "means for" language as required. 

Claim 5 recites the limitation M new connection" There is insufficient antecedent 
basis for this limitation in the claim. The Examiner cannot determine what new 
connection the claim is referring to. 



Application/Control Number: 10/749,651 



Art Unit: 2139 



Page 3 



Claim Rejections - 35 USC § 101 

35 U.S. C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 7-12, 19-24 are rejected under 35 U.S.C. 101 because the claimed invention is 

directed to non-statutory subject matter. These claims are directed to systems of 

software. Generally, functional descriptive material, such as a computer program, is 

statutory when it is stored on a tangible computer readable medium. See MPEP § 2106 

IV.B.I(a). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-30 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Blewett et al. (US 7,131,141) herein Blewett, and further in view of Yang (US 
2004/0117485). 

Claim 1, 7, 19 discloses a method for enabling a first communications system and a 
second communications system, respectively located behind a first firewall and a 
second firewall, to directly communicate with each other, wherein each of said first and 
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second firewalls respectively prevents communication initiated from an external data 
network from reaching said first or second communications system, said method 
comprising: 

establishing a first secure connection via said external data network between 
said first communications system and a central communications station through said 
first firewall, wherein said first secure connection is initiated by said first 
communications system thereby being allowed to pass through said first firewall; 

establishing a second secure connection via said external data network between 
said second communications system and said central communications station through 
said second firewall, wherein said second secure connection is initiated by said second 
communications system thereby being allowed to pass through said second firewall 
(The communication scheme of a first and second firewall is shown in Yang Fig. 2 and 
associated text where 210 and 120 both connect to 205, interpreted to be the central 
communications station, through firewalls 1 1 0 and 1 1 0 respectively); 

forwarding connection information of said second communications system to said 
first communications system via said first secure connection using said central 
communications station (Yang does not but Blewett teaches forwarding connection , 
information. Blewett column 3 lines 55-64 teach clients connected through a TCP/IP 
connection. It would be obvious to one of ordinary skill in the art at the time of invention 
to us a TCP/IP connection where it would be inherent that connection information is 
exchanged in the connection oriented protocol. The motivation to combine Yang and 
Blewett would be within the same column and lines of Blewett where it states that a 



Application/Control Number: 10/749,651 Page 5 

Art Unit: 2139 

client in one network is initiating communication with a host on another network through 
a gateway (interpreted to be the central communication station). Column 3 lines 29-31 , 
" A protected... security measures" teach the firewalls used in Yang); and 

transmitting data from said first communications system to said second 
communications system, wherein said data uses said connection information of said 
second communications system as its destination information and uses connection 
information for said central communications station as its source information so as to 
appear as if it had originated from said central communications station (Blewett column 
3 lines 65-67 and column 4 lines 1-3 where the security gateway is interpreted to be the 
central communications station as above). 

Claim 2, 8, 20 discloses the method of claim 1 wherein said connection information for 
said second communications system includes Internet protocol address and port of said 
second communications system and wherein said connection information for said 
central communications station includes Internet protocol address and port of said 
central communications station (Blewett column 10 lines 8-10 teach transformations 
based on network address/port). 

Claim 3, 9, 21 discloses the method of claim 1 further comprising: 

forwarding connection information of said first communications system to said 

second communications system via said second secure connection using said central 

communications station; and 

transmitting data from said second communications system to said first 

communications system, wherein said data uses said connection information of said 
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first communications system as its destination information and uses connection 
information for said central communications station as its source information so as to 
appear as if it had originated from said central communications station (Blewett column 
8 lines 29-37 teach source network address translation). 

Claim 4, 10, 22 discloses the method of claim 3 wherein said connection information for 
said first communications system includes Internet protocol address and port of said 
first communications system (Blewett column 10 lines 8-10 teach transformations based 
on network address/port). 

Claim 5, 11, 23 discloses a method for enabling a first communications system and a 
second communications system, respectively located behind a first firewall and a 
second firewall and having respective associated first and second network address 
translation devices, to directly communicate with each other, wherein each of said first 
and second firewalls respectively prevents communication initiated from an external 
data network from reaching said first or second communications system and wherein 
each of said first and second network address translation devices respectively provides 
public source information for outbound data originated from said first and second 
communications system, said method comprising: 

establishing a first secure connection via an external data network between said 
first communications system and a central communications station through said first 
firewall, wherein said first secure connection is initiated by said first communications 
system thereby being allowed to pass through said first firewall (Yang fig 2 Connection 
(210!->205) associated text describes it as a secure connection. Yang does not but 
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Blewett, column 2 lines 25-35, teaches the use of source and destination address 
translation of port/ip address. It would be obvious to one of ordinary skill in the art at the 
time of invention to translate the source and destination ip addresses/ports of data 
exiting a private intranet. The motivation to combine would be Blewett column 2 lines 
51-55 "network address... home network"); 

establishing a second secure connection via said external data network between 
said second communications system and said central communications station through 
said second firewall, wherein said second secure connection is initiated by said second 
communications system thereby being allowed to pass through said second firewall 
(Yang fig 2 Connection (120 2 ->205) and associated text describes it as a secure 
connection); 

transmitting connection information for establishing new connection with said first 
communications system from said first communications systems to said central 
communications station via said first secure connection(Yang does not but Blewett 
teaches forwarding connection information. Blewett column 3 lines 55-64 teach clients 
connected through a TCP/IP connection. It would be obvious to one of ordinary skill in 
the art at the time of invention to us a TCP/IP connection where it would be inherent that 
connection information is exchanged in the connection oriented protocol. The 
motivation to combine Yang and Blewett would be within the same column and lines of 
Blewett where it states that a client in one network is initiating communication with a 
host on another network through a gateway (interpreted to be the central 
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communication station). Column 3 lines 29-31, " A protected... security measures" 
teach the firewalls used in Yang); 

transmitting connection information for establishing new connection with said 
second communications system from said second communications system to said 
central communications station via said second secure (Yang does not but Blewett 
teaches forwarding connection information. Blewett column 3 lines 55-64 teach clients 
connected through a TCP/IP connection. It would be obvious to one of ordinary skill in 
the art at the time of invention to us a TCP/IP connection where it would be inherent that 
connection information is exchanged in the connection oriented protocol. The 
motivation to combine Yang and Blewett would be within the same column and lines of 
Blewett where it states that a client in one network is initiating communication with a 
host on another network through a gateway (interpreted to be the central 
communication station). Column 3 lines 29-31, " A protected... security measures" 
teach the firewalls used in Yang); 

forwarding said connection information for establishing new connection with said 
second communications system to said first communications system via said first 
secure connection using said central communications station(Yang does not but Blewett 
teaches forwarding connection information. Blewett column 3 lines 55-64 teach clients 
connected through a TCP/IP connection. It would be obvious to one of ordinary skill in 
the art at the time of invention to us a TCP/IP connection where it would be inherent that 
connection information is exchanged in the connection oriented protocol. The 
motivation to combine Yang and Blewett would be within the same column and lines of 
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Blewett where it states that a client in one network is initiating communication with a 
host on another network through a gateway (interpreted to be the central 
communication station). Column 3 lines 29-31, " A protected... security measures" 
teach the firewalls used in Yang); 

transmitting a connection request from said first communications system to said 
second communications system wherein said connection request uses said connection 
information for establishing new connection with said second communications system 
as its destination information (Blewett column 3 lines 55-65 teach initiating a IP 
connection and lines 65-67 and column 4 lines 1-3 teach address translation); 

forwarding said connection information for establishing new connection with said 
first communications system to said second communications system via said second 
secure connection using said central communications station (Yang does not but 
Blewett teaches forwarding connection information. Blewett column 3 lines 55-64 teach 
clients connected through a TCP/IP connection. It would be obvious to one of ordinary 
skill in the art at the time of invention to us a TCP/IP connection where it would be 
inherent that connection information is exchanged in the connection oriented protocol. 
The motivation to combine Yang and Blewett would be within the same column and 
lines of Blewett where it states that a client in one network is initiating communication 
with a host on another network through a gateway (interpreted to be the central 
communication station). Column 3 lines 29-31, " A protected... security measures" 
teach the firewalls used in Yang); 
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transmitting connection acknowledgement and request from said second 
communications system to said first communications system wherein said connection 
acknowledgement and request uses said connection information for establishing new 
connection with said first communications system as its destination information (Blewett 
column 8 lines 45-45 teach a "reply packet" to the initiating host from the destination 
host); and 

in response to receiving said connection acknowledgement and request from 
said second communications system, transmitting a connection acknowledgement from 
said first communications system to said second communications system (Blewett 
column 3 lines 55-65 teach a TCP/IP connection being established). 
Claim 6, 12, 24 discloses the method of claim 5 wherein: 

said connection information for establishing a new connection with said first 
communications system includes public Internet protocol address provided by said first 
network address translation device and port for said first communications system's next 
connection (Blewett column 2 lines 25-35); and 

said connection information for establishing a new connection with said second 
communications system includes public Internet protocol address provided by said 
second network address translation device and port for said second communications 
system's next connection (Blewett column 2 lines 25-35). 

Claims 13 and 25 disclose a system for enabling two communications system, located 
behind firewalls, to directly communicate with each other, said system comprising: 
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a central communications station (Yang fig 2 shows 205 as a central 
communication station); 

a first communications system (Yang fig 2, 210) and a second communications 
system (Yang fig 2, 120), wherein each of said first and second communications system 
comprises a respective secure connection interface that establishes a secure 
connection with said central communications station via an external data network 
through a network access (Yang fig 2 Connection (210 r >205) and Connection (120 2 - 
>205) and associated text describes them as secure connections); 

a first firewall and a second firewall respectively located between said external 
data network and said first and second communications systems, wherein each of said 
first and second firewalls respectively prevents communication initiated from said 
external data network from reaching said first or second communications system (Yang 
fig 2 1 10i and 1 10 2 are 2 firewalls between the internal and external networks); and 
said central communications station comprises: 

a secure connection interface that maintains secure connections with said 
first and second communications systems via said external communications 
network through a network access, and a secure redirector that forwards 
connection information of said second communications system to said first 
communications system via said secure connection with said first 
communications system thereby enabling said first communications system to 
transmit data to said second communications system, wherein said data uses 
said connection information of said second communications system as its 
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destination information and uses connection information for said central 
communications station as its source information so as to appear as if it had 
originated from said central communications station (Yang does not but Blewett 
teaches forwarding connection information. Blewett column 3 lines 55-64 teach 
clients connected through a TCP/IP connection. It would be obvious to one of 
ordinary skill in the art at the time of invention to us a TCP/IP connection where it 
would be inherent that connection information is exchanged in the connection 
oriented protocol. The motivation to combine Yang and Blewett would be within 
the same column and lines of Blewett where it states that a client in one network 
is initiating communication with a host on another network through a gateway 
(interpreted to be the central communication station). Column 3 lines 29-31, " A 
protected... security measures" teach the firewalls used in Yang. 

Blewett column 3 lines 65-67 and column 4 lines 1-3 where the security 
gateway is interpreted to be the central communications station as above are 
interpreted to be providing the redirector function through executing source 
network address translation). 
Claims 14 and 26 disclose the system of claims 13 and 27 wherein said connection 
information for said second communications system includes Internet protocol address 
and port of said second communications system and wherein said connection 
information for said central communications station includes Internet protocol address 
and port of said central communications station (Blewett column 10 lines 8-10 teach 
transformations based on network address/port). 
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Claims 15 and 27 disclose the system of claim 13 and 27, wherein said secure 
redirector additionally forwards connection information of said first communications 
system to said second communications system via said secure connection with said 
second communications system thereby enabling said second communications system 
to transmit data to said first communications system, wherein said data uses said 
connection information of said first communications system as its destination 
information and uses connection information for said central communications station as 
its source information so as to appear as if it had originated from said central 
communications station (Yang does not but Blewett teaches forwarding connection 
information. Blewett column 3 lines 55-64 teach clients connected through a TCP/IP 
connection. It would be obvious to one of ordinary skill in the art at the time of invention 
to us a TCP/IP connection where it would be inherent that connection information is 
exchanged in the connection oriented protocol. The motivation to combine Yang and 
Blewett would be within the same column and lines of Blewett where it states that a 
client in one network is initiating communication with a host on another network through 
a gateway (interpreted to be the central communication station). Column 3 lines 29-31 , 
" A protected... security measures" teach the firewalls used in Yang. 

Blewett column 3 lines 65-67 and column 4 lines 1-3 where the security gateway 
is interpreted to be the central communications station as above are interpreted to be 
providing the redirector function through executing source network address translation). 
Claims 16 and 28 disclose the system of claim 15 and 29 wherein said connection 
information for said first communications system includes Internet protocol address and 
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port of said first communications system (Blewett column 10 lines 8-10 teach 
transformations based on network address/port). 

Claims 17 and 29 disclose a system for enabling two communications system located 
behind firewalls and having associated network translation devices, to directly 
communicate with each other; said system comprising: 

a central communications station (Yang fig 2 shows 205 as a central 
communication station); 

a first communications system (Yang fig 2, 210) and a second communications 
system (Yang fig 2, 120), wherein each of said first and second communications system 
comprises: 

a respective secure connection interface that establishes a secure 
connection with said central communications station via an external data network 
through a network access (Yang fig 2 Connection (210 r >205) and Connection 
(120 2 ->205) and associated text describes them as secure connections), and 

a respective transmitter that transmits connection information for 
establishing a new connection with a respective one of said first and second 
communications system to said central communications station via said secure 
connection (Yang paragraph [0019] Communication software... invention, 
teaches communication software that enables data communications between 
computer systems.); 

a first firewall and a second firewall respectively located between said external 
data network and said first and second communications systems, wherein each of said 
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first and second firewalls respectively prevents communication initiated from said 
external data network from reaching said first or second communications system (Yang 
fig 2, 110i and 110 2 ); and 

a first network address translation device and a second network address 
translation device respectively associated with said first and second communications 
systems, wherein each of said first and second network address translation devices 
respectively provides public source information for outbound data originated from said 
first and second communications system (Yang fig 2 Connection (210i->205) 
associated text describes it as a secure connection. Yang does not but Blewett, column 
2 lines 25-35, teaches the use of source and destination address translation of port/ip 
address. It would be obvious to one of ordinary skill in the art at the time of invention to 
translate the source and destination ip addresses/ports of data exiting a private intranet. 
The motivation to combine would be Blewett column 2 lines 51-55 "network 
address... home network"); wherein: 

said central communications station comprises: 

a secure connection interface that maintains secure connections with said 
first and second communications systems via said external communications 
network through a network access (Yang does not but Blewett teaches 
forwarding connection information. Blewett column 3 lines 55-64 teach clients 
connected through a TCP/IP connection. It would be obvious to one of ordinary 
skill in the art at the time of invention to us a TCP/IP connection where it would 
be inherent that connection information is exchanged in the connection oriented 
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protocol. The motivation to combine Yang and Blewett would be within the same 
column and lines of Blewett where it states that a client in one network is 
initiating communication with a host on another network through a gateway 
(interpreted to be the central communication station), and 
a secure redirector that: 

forwards said connection information for establishing new 
connection with said second communications system to said first 
communications system via said secure connection with said first 
communications system thereby enabling said first communications 
system to transmit a connection request to said second communications 
system wherein said connection request uses said connection information 
for establishing new connection with said second communications system 
as its destination information (Yang paragraphs [0034] and [0035] disclose 
a redirector, and 

forwards said connection information for establishing new 
connection with said first communications system to said second 
communications system via said secure connection with said second 
communications system (Yang does not but Blewett teaches forwarding 
connection information. Blewett column 3 lines 55-64 teach clients 
connected through a TCP/IP connection. It would be obvious to one of 
ordinary skill in the art at the time of invention to us a TCP/IP connection 
where it would be inherent that connection information is exchanged in the 
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connection oriented protocol. The motivation to combine Yang and 
Blewett would be within the same column and lines of Blewett where it 
states that a client in one network is initiating communication with a host 
on another network through a gateway (interpreted to be the central 
communication station), thereby: 

enabling said second communications system to transmit 
connection acknowledgement and request from said second 
communications system to said first communications system 
wherein said connection acknowledgement and request uses said 
connection information for establishing new connection with said 
first communications system as its destination information(Blewett 
column 8 lines 45-45 teach a "reply packet" to the initiating host 
from the destination host), and 

enabling said first communications system to transmit a 
connection acknowledgement from said first communications 
system to said second communications system( Blewett column 3 
lines 55-65 teach a TCP/IP connection being established). 
Claims 18 and 30 disclose the system of claim 17 wherein: 

said connection information for establishing a new connection with said first 
communications system includes public Internet protocol address provided by said first 
network address translation device and port for said first communications system's next 
connection (Blewett column 2 lines 25-35); and 
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said connection information for establishing a new connection with said second 
communications system includes public Internet protocol address provided by said 
second network address translation device and port for said second communications 
system's next connection (Blewett column 2 lines 25-35). 

Note: Examiner has pointed out particular references contained in the prior arts of 
record and in the body of this action for the convenience of the applicant. Although the 
specified citations are representative of the teachings in the art and are applied to the 
specific limitations within the individual claim, other passages and figures may apply as 
well. Applicant should consider the entire prior art as applicable to the limitations of the 
claims. It is respectfully requested from the applicant, in preparing for response, to 
consider fully the entire reference as potentially teaching all or part of the claimed 
invention, as well as the context of the passage as taught by the prior arts or disclosed 
by the Examiner. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Nicole M. Young whose telephone number is 571-270- 
1382. The examiner can normally be reached on Monday through Friday, alt Fri off, 
8:00am-5:30pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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